]> git.aero2k.de Git - tmp/jakarta-migration.git/blob
projects / tmp / jakarta-migration.git / blob
? search:


bde34a397b74a6463adbc1eb09725d936170f71b
[tmp/jakarta-migration.git] /
1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2009 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 package org.collectionspace.services.authorization;
25
26 import org.collectionspace.services.account.AccountRoleSubResource;
27 import org.collectionspace.services.client.RoleClient;
28 import org.collectionspace.services.common.SecurityResourceBase;
29 import org.collectionspace.services.common.ServiceMessages;
30 import org.collectionspace.services.common.context.RemoteServiceContextFactory;
31 import org.collectionspace.services.common.context.ServiceContext;
32 import org.collectionspace.services.common.context.ServiceContextFactory;
33 import org.collectionspace.services.common.storage.StorageClient;
34 import org.collectionspace.services.common.storage.TransactionContext;
35 import org.collectionspace.services.common.storage.jpa.JpaStorageClientImpl;
36 import org.collectionspace.services.common.CSWebApplicationException;
37
38 import org.jboss.resteasy.util.HttpResponseCodes;
39 import org.slf4j.Logger;
40 import org.slf4j.LoggerFactory;
41
42 import javax.ws.rs.Consumes;
43 import javax.ws.rs.DELETE;
44 import javax.ws.rs.GET;
45 import javax.ws.rs.POST;
46 import javax.ws.rs.PUT;
47 import javax.ws.rs.Path;
48 import javax.ws.rs.PathParam;
49 import javax.ws.rs.Produces;
50 import javax.ws.rs.QueryParam;
51 import javax.ws.rs.core.Context;
52 import javax.ws.rs.core.Response;
53 import javax.ws.rs.core.UriBuilder;
54 import javax.ws.rs.core.UriInfo;
55
56 @Path(RoleClient.SERVICE_PATH)
57 @Consumes("application/xml")
58 @Produces("application/xml")
59 @SuppressWarnings("unchecked")
60 public class RoleResource extends SecurityResourceBase {
61
62     final Logger logger = LoggerFactory.getLogger(RoleResource.class);
63     final StorageClient storageClient = new JpaStorageClientImpl();
64
65     @Override
66     protected String getVersionString() {
67         return  "$LastChangedRevision: 1165 $";
68     }
69
70     @Override
71     public String getServiceName() {
72         return RoleClient.SERVICE_NAME;
73     }
74
75     @Override
76     public Class<RoleResource> getCommonPartClass() {
77         return RoleResource.class;
78     }
79
80     @Override
81     public ServiceContextFactory getServiceContextFactory() {
82         return RemoteServiceContextFactory.get();
83     }
84
85     @Override
86     public StorageClient getStorageClient(ServiceContext ctx) {
87         //FIXME use ctx to identify storage client
88         return storageClient;
89     }
90
91     @POST
92     public Response createRole(Role input) {
93         return create(input);
94     }
95
96     @GET
97     @Path("{csid}")
98     public Role getRole(@PathParam("csid") String csid, @Context UriInfo ui) {
99         return (Role)get(ui, csid, Role.class);
100     }
101     
102     /*
103      * Get a list of accounts associated with this role.
104      */
105     @GET
106     @Path("{csid}/accountroles")
107     public AccountRole getRoleAccounts(
108             @PathParam("csid") String accCsid) {
109         logger.debug("getAccountRole with accCsid=" + accCsid);
110         ensureCSID(accCsid, ServiceMessages.GET_FAILED+ "accountroles role ");
111         
112         AccountRole result = null;
113         try {
114             AccountRoleSubResource subResource =
115                     new AccountRoleSubResource(AccountRoleSubResource.ACCOUNT_ACCOUNTROLE_SERVICE);
116             //get relationships for a role
117             result = subResource.getAccountRole((ServiceContext)null, accCsid, SubjectType.ACCOUNT);
118         } catch (Exception e) {
119             throw bigReThrow(e, ServiceMessages.GET_FAILED, accCsid);
120         }
121         checkResult(result, accCsid, ServiceMessages.GET_FAILED);
122         
123         return result;
124     }
125
126     @GET
127     @Produces("application/xml")
128     public RolesList getRoleList(@Context UriInfo ui) {
129         return (RolesList)getList(ui, Role.class);
130     }
131
132     @PUT
133     @Path("{csid}")
134     public Role updateRole(@PathParam("csid") String csid, Role theUpdate) {
135         Role result = null;
136         
137         try {
138                 Role role = (Role)get(csid, Role.class);
139                 // If marked as metadata immutable, do not update
140                 if (RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
141                     Response response = 
142                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
143                 throw new CSWebApplicationException(response);
144                 }
145                 result = (Role)update(csid, theUpdate, Role.class);
146         } catch (Exception e) {
147             throw bigReThrow(e, ServiceMessages.UPDATE_FAILED, csid);
148         }
149         
150         return result;
151     }
152
153         @DELETE
154     @Path("{csid}")
155     public Response deleteRole(@PathParam("csid") String csid, @Context UriInfo ui) {
156         logger.debug("deleteRole with csid=" + csid);
157         ensureCSID(csid, ServiceMessages.DELETE_FAILED + "deleteRole ");
158
159         try {
160             ServiceContext<Role, Role> ctx = createServiceContext((Role) null, Role.class);
161             ctx.openConnection(); // ensure we do all this in one transaction
162             try {
163                         Role role = (Role)get(csid, Role.class);
164                     // If marked as metadata immutable, do not delete
165                     if (RoleClient.IMMUTABLE.equals(role.getMetadataProtection())) {
166                         Response response = 
167                                 Response.status(Response.Status.FORBIDDEN).entity("Role: "+csid+" is immutable.").type("text/plain").build();
168                         return response;
169                     }
170                     //
171                     // delete all the permission/role relationships
172                     //
173                     PermissionRoleSubResource permRoleResource =
174                             new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
175                     permRoleResource.deletePermissionRole(ctx, csid, SubjectType.PERMISSION);
176                     //
177                     //delete all the account/role relationships associate with this role
178                     //
179                     AccountRoleSubResource accountRoleResource =
180                         new AccountRoleSubResource(AccountRoleSubResource.ROLE_ACCOUNTROLE_SERVICE);
181                     accountRoleResource.deleteAccountRole(ctx, csid, SubjectType.ACCOUNT);
182                     //
183                     //finally, delete the role itself
184                     //
185                     ((JpaStorageClientImpl) getStorageClient(ctx)).deleteWhere(ctx, csid);
186             } finally {
187                 ctx.closeConnection();
188             }
189         } catch (Exception e) {
190             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, csid);
191         }
192         
193         return Response.status(HttpResponseCodes.SC_OK).build();
194     }
195
196     @POST
197     @Path("{csid}/permroles")
198     public Response createRolePermission(@QueryParam("_method") String method, @PathParam("csid") String roleCsid,
199             PermissionRole input) {
200         if (method != null) {
201             if ("delete".equalsIgnoreCase(method)) {
202                 return deleteRolePermission(roleCsid, input);
203             }
204         }
205         
206         logger.debug("createRolePermission with roleCsid=" + roleCsid);
207         ensureCSID(roleCsid, ServiceMessages.PUT_FAILED + "permroles role ");
208         Response response = null;
209         try {
210                 Role role = (Role)get(roleCsid, Role.class);
211             // If marked as metadata immutable, do not delete
212             if (RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
213                 response = 
214                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
215                 return response;
216             }
217             PermissionRoleSubResource subResource =
218                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
219             String permrolecsid = subResource.createPermissionRole((ServiceContext)null, input, SubjectType.PERMISSION);
220             UriBuilder path = UriBuilder.fromResource(RoleResource.class);
221             path.path(roleCsid + "/permroles/" + permrolecsid);
222             response = Response.created(path.build()).build();
223         } catch (Exception e) {
224             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
225         }
226
227         return response;
228     }
229
230     @GET
231     @Path("{csid}/permroles")
232     public PermissionRole getRolePermission(
233             @PathParam("csid") String roleCsid) {
234         logger.debug("getRolePermission with roleCsid=" + roleCsid);
235         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
236         
237         PermissionRole result = null;
238         try {
239             PermissionRoleSubResource subResource =
240                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
241             //get relationships for a role
242             result = subResource.getPermissionRole((ServiceContext)null, roleCsid, SubjectType.PERMISSION);
243         } catch (Exception e) {
244             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
245         }
246         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
247         
248         return result;
249     }
250
251     @GET
252     @Path("{csid}/permroles/{id}")
253     public PermissionRoleRel getRolePermission(
254             @PathParam("csid") String roleCsid,
255             @PathParam("id") String permrolecsid) {
256         logger.debug("getRolePermission with roleCsid=" + roleCsid);
257         ensureCSID(roleCsid, ServiceMessages.GET_FAILED + "permroles role ");
258         
259         PermissionRoleRel result = null;
260         try {
261             PermissionRoleSubResource subResource =
262                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
263             //get relationships for a role
264             result = subResource.getPermissionRoleRel((ServiceContext)null, roleCsid, SubjectType.PERMISSION, permrolecsid);
265         } catch (Exception e) {
266             throw bigReThrow(e, ServiceMessages.GET_FAILED, roleCsid);
267         }
268         checkResult(result, roleCsid, ServiceMessages.GET_FAILED);
269         
270         return result;
271     }
272
273     public Response deleteRolePermission(String roleCsid, PermissionRole input) {
274         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
275         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
276         
277         Response result = null;
278         try {
279                 Role role = (Role)get(roleCsid, Role.class);
280             // If marked as metadata immutable, do not delete
281             if (RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
282                 Response response = Response.status(Response.Status.FORBIDDEN).entity(
283                                 "Role: "+roleCsid+" is immutable.").type("text/plain").build();
284                 return response;
285             }
286             PermissionRoleSubResource subResource =
287                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
288             //delete all relationships for a permission
289             subResource.deletePermissionRole((ServiceContext)null, roleCsid, SubjectType.PERMISSION, input);
290             result = Response.status(HttpResponseCodes.SC_OK).build();
291         } catch (Exception e) {
292             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
293         }
294         
295         return result;
296     }
297
298     @DELETE
299     @Path("{csid}/permroles")
300     public Response deleteRolePermission(
301                 @PathParam("csid") String roleCsid) {
302         logger.debug("deleteRolePermission with roleCsid=" + roleCsid);
303         ensureCSID(roleCsid, ServiceMessages.DELETE_FAILED + "permroles role ");
304         
305         try {
306                 Role role = (Role)get(roleCsid, Role.class);
307             // If marked as metadata immutable, do not delete
308             if (RoleClient.IMMUTABLE.equals(role.getPermsProtection())) {
309                 Response response = 
310                         Response.status(Response.Status.FORBIDDEN).entity("Role: "+roleCsid+" is immutable.").type("text/plain").build();
311                 return response;
312             }
313             PermissionRoleSubResource subResource =
314                     new PermissionRoleSubResource(PermissionRoleSubResource.ROLE_PERMROLE_SERVICE);
315             //delete all relationships for a permission
316             subResource.deletePermissionRole((ServiceContext)null, roleCsid, SubjectType.PERMISSION);            
317         } catch (Exception e) {
318             throw bigReThrow(e, ServiceMessages.DELETE_FAILED, roleCsid);
319         }
320         
321         return Response.status(HttpResponseCodes.SC_OK).build();
322     }
323 }